package com.project.shiro.realm;

//import com.project.entity.User;
//import com.project.service.UserService;

import com.project.entity.User;
import com.project.service.UserService;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * <p>User: Zhang Kaitao
 * <p>Date: 14-1-28
 * <p>Version: 1.0
 */
public class UserRealm extends AuthorizingRealm {

    @Autowired
    public UserService userService;
    private static Log log = LogFactory.getLog(UserRealm.class);

    /**
     * 权限注入,  可从DB中查询用户权限进行注入
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        /**
         * 本项目权限管理较简单，只用到role即可
         * 1-平台管理员；2-SP开发管理员；3-SP运营管理员；4-终端用户
         * 四类不同用户分别对应角色如下：
         * 1-平台管理员(admin)；2-SP开发管理员(spDev)；3-SP运营管理员(spOpe)；4-终端用户(endUser)
         */

        String username = (String)principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

//        HashSet<String> rolesSet=new HashSet<String>();
//
//        User user=userService.findByUserName(username);
//        if(user!=null) {
//            int userCategory=user.getCategory();
//            switch(userCategory)
//            {
//                case 1:
//                    rolesSet.add("admin");
//                    break;
//                case 2:
//                    rolesSet.add("spDev");
//                    break;
//                case 3:
//                    rolesSet.add("spOpe");
//                    break;
//                case 4:
//                    rolesSet.add("endUser");
//                    break;
//            }
//            authorizationInfo.setRoles(rolesSet); //注入角色权限
//            //authorizationInfo.setStringPermissions();
//            //authorizationInfo.setObjectPermissions();
//        }
        return authorizationInfo;
    }

    /**
     * 登录认证
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        String username = (String)token.getPrincipal();

        User user = null;
        try {
            user = userService.findByUserName(username);
        } catch (Exception e) {
            e.printStackTrace();
        }

        if(user == null) {

            throw new UnknownAccountException();//没找到帐号
        }

        //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配，如果觉得人家的不好可以自定义实现
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
                user.getUsername(), //用户名
                user.getPassword(), //密码,不用加密直接传入
                ByteSource.Util.bytes(user.getSalt()),
                getName()  //realm name
        );


        return authenticationInfo;
    }


    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    public void clearAllCachedAuthorizationInfo() {
        getAuthorizationCache().clear();
    }

    public void clearAllCachedAuthenticationInfo() {
        getAuthenticationCache().clear();
    }

    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }

}
